4 matches found
CVE-2019-15053
The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element...
Exploit for Cross-site Scripting in Atlassian Html_Include_And_Replace_Macro
CVE-2019-15053 FAB-2019-00156 Vulnerability discoverd by me...
CVE-2019-15053
The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element...
CVE-2019-15053
The CVE-2019-15053 issue affects the HTML Include and replace macro plugin for Confluence Server (pre-1.5.0). A bypass of the includeScripts=false XSS protection via an IFRAME vector is documented, enabling cross-site scripting. Connected sources show a public exploit draft and vendor advisories ...